Skip to Content

CISA Publishes a Dozen ICS Advisories

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a dozen advisories warning of vulnerabilities in various Industrial Control Systems (ICS). Affected products include Sewio RTLS Studio, 2 RONDS Equipment Predictive Maintenance Solution, InHand Networks InRouter, Panasonic Sanyo CCTV Network Camera, SAUTER Controls Nova 200 – 220 Series (PLC 6), Johnson Controls Metasys, Hitachi Energy Lumada APM, Siemens S7-1500 CPU devices, Siemens Mendix SAML Module, Siemens Automation License Manager, Siemens Solid Edge before V2023 MP1, and Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A).

  • ICSA-23-012-01 Sewio RTLS Studio
  • ICSA-23-012-02 RONDS Equipment Predictive Maintenance Solution
  • ICSA-23-012-03 InHand Networks InRouter
  • ICSA-23-012-04 Panasonic Sanyo CCTV Network Camera
  • ICSA-23-012-05 SAUTER Controls Nova 200 – 220 Series (PLC 6)
  • ICSA-23-012-06 Johnson Controls Metasys
  • ICSA-23-012-07 Hitachi Energy Lumada APM
  • ICSA-23-012-08 Siemens S7-1500 CPU devices
  • ICSA-23-012-09 Siemens Mendix SAML Module
  • ICSA-23-012-10 Siemens Automation License Manager
  • ICSA-23-012-11 Siemens Solid Edge before V2023 MP1
  • ICSMA-21-322-02 Philips Patient Information Center iX (PIC iX) and Efficia CM Series (Update A)

Note

  • You should be subscribed to these notifications, in addition to your vendor security bulletins. (The subscribe information is at the bottom of the CISA web page below.) Note that the alerts for InHand’s InRouter include CVE-2023-22600, a remote command injection flaw, with a CVSS score of 10.0. I know you’re focusing on proper segmenting and monitoring, don’t forget to ensure updates are also applied.

Read more in

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.